Merge branch 'v10_0_0' into record_custom_event_raise_on_invalid

Author: hannahramadan

CHANGELOG.md

@@ -3,19 +3,27 @@
 ## dev
 
 - **Breaking Change: Remove support for Ruby 2.4 and 2.5**
+
   Support for Ruby versions 2.4 and 2.5 has been removed. The new minimum required Ruby version is now 2.6. [PR#3314](https://github.com/newrelic/newrelic-ruby-agent/pull/3314)
 
 - **Breaking Change: Rename ActiveJob metrics**
+
   ActiveJob metrics have been updated to include the job's class name for more specific reporting. This is a breaking change and may require updating custom dashboards or alerts. [PR#3320](https://github.com/newrelic/newrelic-ruby-agent/pull/3320)
     - Old format: `Ruby/ActiveJob/<QueueName>/<Method>`
     - New format: `Ruby/ActiveJob/<ClassName>/<QueueName>/<Method>`
 
 - **Breaking Change: Rename `bin/newrelic` command to `bin/newrelic_rpm`**
+
   The executable file for the agent's CLI has been renamed from `bin/newrelic` to `bin/newrelic_rpm`. This change resolves a name collision with the standalone New Relic CLI tool. [PR#3323](https://github.com/newrelic/newrelic-ruby-agent/pull/3323)
 
 - **Feature: Add argument validation for the `Agent#record_custom_event` API**
+
   The `Agent#record_custom_event` API now raises an `ArgumentError` when an invalid `event_type` is provided. A valid event type must consist only of alphanumeric characters, underscores (`_`), colons (`:`), or spaces (` `). [PR#3319](https://github.com/newrelic/newrelic-ruby-agent/pull/3319)
 
+- **Breaking Change: Remove experimental feature Configurable Security Policies (CSP)**
+
+  The experimental feature, Configurable Security Policies (CSP), is no longer supported and has been removed. [PR#3292](https://github.com/newrelic/newrelic-ruby-agent/pull/3292)
+
 ## v9.23.0
 
 - **Feature: Add sidekiq.ignore_retry_errors configuration option**

lib/new_relic/agent/agent.rb

@@ -238,8 +238,7 @@ def needs_after_fork_work?
           return false if !needs_restart ||
             !Agent.config[:agent_enabled] ||
             !Agent.config[:monitor_mode] ||
-            disconnected? ||
-            !control.security_settings_valid?
+            disconnected?
 
           true
         end

lib/new_relic/agent/configuration/default_source.rb

@@ -576,13 +576,6 @@ def self.enforce_fallback(allowed_values: nil, fallback: nil)
           :exclude_from_reported_settings => true,
           :description => 'Defines a user for communicating with the New Relic [collector](/docs/using-new-relic/welcome-new-relic/get-started/glossary/#collector) via a proxy server.'
         },
-        :security_policies_token => {
-          :default => '',
-          :public => true,
-          :type => String,
-          :allowed_from_server => false,
-          :description => 'Applies Language Agent Security Policy settings.'
-        },
         :send_data_on_exit => {
           :default => true,
           :public => true,

lib/new_relic/agent/configuration/manager.rb

@@ -9,7 +9,6 @@
 require 'new_relic/agent/configuration/server_source'
 require 'new_relic/agent/configuration/environment_source'
 require 'new_relic/agent/configuration/high_security_source'
-require 'new_relic/agent/configuration/security_policy_source'
 
 module NewRelic
   module Agent
@@ -48,7 +47,6 @@ def add_config_for_testing(source, level = 0)
 
         def remove_config_type(sym)
           source = case sym
-          when :security_policy then @security_policy_source
           when :high_security then @high_security_source
           when :environment then @environment_source
           when :server then @server_source
@@ -62,7 +60,6 @@ def remove_config_type(sym)
 
         def remove_config(source)
           case source
-          when SecurityPolicySource then @security_policy_source = nil
           when HighSecuritySource then @high_security_source = nil
           when EnvironmentSource then @environment_source = nil
           when ServerSource then @server_source = nil
@@ -85,7 +82,6 @@ def replace_or_add_config(source)
           invoke_callbacks(:add, source)
 
           case source
-          when SecurityPolicySource then @security_policy_source = source
           when HighSecuritySource then @high_security_source = source
           when EnvironmentSource then @environment_source = source
           when ServerSource then @server_source = source
@@ -379,7 +375,6 @@ def parse_labels_from_dictionary
 
         # Generally only useful during initial construction and tests
         def reset_to_defaults
-          @security_policy_source = nil
           @high_security_source = nil
           @environment_source = EnvironmentSource.new
           log_config(:add, @environment_source) # this is the only place the EnvironmentSource is ever created, so we should log it
@@ -433,7 +428,6 @@ def log_config(direction, source)
         end
 
         def delete_all_configs_for_testing
-          @security_policy_source = nil
           @high_security_source = nil
           @environment_source = nil
           @server_source = nil
@@ -454,8 +448,7 @@ def config_classes_for_testing
         private
 
         def config_stack
-          stack = [@security_policy_source,
-            @high_security_source,
+          stack = [@high_security_source,
             @environment_source,
             @server_source,
             @manual_source,

lib/new_relic/agent/configuration/security_policy_source.rb

@@ -23,10 +23,7 @@ def configure_agent(config_data)
 
           @agent.agent_id = config_data['agent_run_id']
 
-          security_policies = config_data.delete('security_policies')
-
           add_server_side_config(config_data)
-          add_security_policy_config(security_policies) if security_policies
 
           @agent.transaction_rules = RulesEngine.create_transaction_rules(config_data)
           @agent.stats_engine.metric_rules = RulesEngine.create_metric_rules(config_data)
@@ -44,14 +41,6 @@ def add_server_side_config(config_data)
           server_config = NewRelic::Agent::Configuration::ServerSource.new(config_data, @config)
           @config.replace_or_add_config(server_config)
         end
-
-        def add_security_policy_config(security_policies)
-          ::NewRelic::Agent.logger.info('Installing security policies')
-          security_policy_source = NewRelic::Agent::Configuration::SecurityPolicySource.new(security_policies)
-          @config.replace_or_add_config(security_policy_source)
-          # drop data collected before applying security policies
-          @agent.drop_buffered_data
-        end
       end
     end
   end